2021年9月
java使用HttpURLConnection 去下载资源。
- 有一天突然就出现这个bug了。经过查询是ssl证书问题。 首先下载的资源是 https:// 的资源,但这个资源的ssl证书已经过期,或者是错误的,不授信的。这种情况你看很多网上说去改代码。我就想说这是资源的问题,1.修改成http:// 2.更新证书。代码中可以做一个简单的try catch操作,抛出一个对方需要更新证书的信息就可以了
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.agile.cloud.util.FileUploadUtil.getImageFromNetByUrl(FileUploadUtil.java:620)
at com.agile.cloud.service.ContractInfoNewServiceImpl.uploadContractUrl(ContractInfoNewServiceImpl.java:2767)
at com.agile.cloud.service.ContractInfoNewServiceImpl$$FastClassBySpringCGLIB$$f53bf706.invoke(<generated>)
2021年10月
2021年10月21日
上次说因为证书的问题,会报sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to
错误,后来那个客户更新了证书后依然出错,通常正常的链接资源是没问题的。这里copy一份网上的解决方案。
- 新建一个工具类SslUtils
import javax.net.ssl.SSLSession;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
public class SslUtils {
public static void trustAllHttpsCertificates() throws Exception {
TrustManager[] trustAllCerts = new TrustManager[1];
TrustManager tm = new miTM();
trustAllCerts[0] = tm;
SSLContext sc = SSLContext.getInstance("SSL");
sc.init(null, trustAllCerts, null);
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
}
static class miTM implements TrustManager, X509TrustManager {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
public boolean isServerTrusted(X509Certificate[] certs) {
return true;
}
public boolean isClientTrusted(X509Certificate[] certs) {
return true;
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType)
throws CertificateException {
return;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType)
throws CertificateException {
return;
}
}
/**
* 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
*
* @throws Exception
*/
public static void ignoreSsl() throws Exception {
HostnameVerifier hv = new HostnameVerifier() {
@Override
public boolean verify(String urlHostName, SSLSession session) {
return true;
}
};
trustAllHttpsCertificates();
HttpsURLConnection.setDefaultHostnameVerifier(hv);
}
}
- 在调用下载之前,调用
SslUtils.ignoreSsl()
方法
SslUtils.ignoreSsl();
URL url = new URL(strUrl);
HttpURLConnection conn = (HttpURLConnection)url.openConnection();
2021年11月
在cherry-pick的时候出现以下错误提示,是对同一提交重复做cherry-pick引起的。
On branch***
You are currentlycherry-picking.
(all conflicts fixed: run "gitcommit")
nothing to commit,working directory clean
The previouscherry-pick is now empty, possibly due to conflict resolution.
If you wish to commitit anyway, use:
git commit --allow-empty
Otherwise, please use'git reset'
分析:没有冲突输出,提示如果要提交,需要做空提交,说明这次cherry-pick的内容可能已经在这个分支上提交过了。
验证:1、查看这个哈希值所修改的文件 2、查看某个文件的修改log 3、有相同的提交注释